Methods and Systems for Multi-Factor Authentication in Secure Media-Based Conferencing

1. A computerized method for authenticating an end point device participating in a media-based conference call, the method comprising: receiving, by a call processing module of a server computing device, a request to join a conference call between a plurality of end point devices, the request including a media stream associated with the first end point device; analyzing, by the call processing module, the media stream using a matrix of authentication factors, wherein the authentication factors include a) user-specific factors comprising facial recognition attributes, audio recognition attributes, and user gesture attributes; b) environment factors comprising (i) acoustic attributes of a device used to capture audio during the call and of a room in which the first end point device is located, wherein the call processing module analyzes a waveform associated with the captured audio to determine the acoustic attributes, and (ii) lighting hues of the room in which the first end point device is located, wherein the call processing module analyzes video images in the media stream to determine the lighting hues; and c) technical factors comprising technical attributes of the end point device and technical attributes of the media stream; determining, by the call processing module, an authentication score for the first end point device based upon the media stream analysis; and determining, by the call processing module, whether to connect the first end point device to the conference call, another media resource, or another user of a network or communication system based upon the authentication score.

2. The method of claim 1 , further comprising: determining, by the call processing module, an identity of a user of the first end point device based upon the media stream analysis; and retrieving, by the call processing module, a user profile based upon the identity of the user, the user profile including a set of permissions associated with conference call functionality.

3. The method of claim 1 , wherein the technical attributes of the first end point device include an image resolution of a camera coupled to the first end point device, a device identifier, a location, and an originating address.

4. The method of claim 1 , wherein the technical attributes of the media stream include a media format and a media quality.

5. The method of claim 1 , further comprising: transmitting, by the call processing module, the media stream associated with the first end point device to one or more other end point devices connected to the conference call; receiving, by the call processing module, a validation signal from the one or more other end point devices to confirm an identity of a user of the first end point device; and adding, by the call processing module, the received validation signal to the matrix of authentication factors.

6. The method of claim 1 , wherein the media stream analysis includes comparing the matrix of authentication factors for the media stream to a matrix of authentication factors for prior media streams associated with the first end point device.

7. The method of claim 6 , wherein the media stream analysis includes analyzing the matrix of authentication factors for the media stream based upon user- and/or system-specified preferences.

8. The method of claim 1 , further comprising storing, by the call processing module, the media stream analysis and authentication score for the media stream in a database.

9. The method of claim 1 , wherein the media stream analysis and authentication score determination occur periodically during the conference call.

10. The method of claim 1 , wherein the authentication score is below a predetermined threshold, the method further comprising transmitting, by the call processing module, a request for user credentials to the first end point device.

11. The method of claim 1 , further comprising transmitting, by the call processing module, the authentication score for the first end point device for display on one or more other end point devices connected to the conference call.

12. The method of claim 1 , further comprising: denying, by the call processing module, the request to join the conference call when the authentication score is below a predetermined threshold; and disconnecting, by the call processing module, the first end point device.

13. The method of claim 1 , further comprising: allowing, by the call processing module, the request to join the conference call when the authentication score is at or above a predetermined threshold; and connecting, by the call processing module, the first end point device to the conference call.

14. A system for authenticating an end point device participating in a media-based conference call, the system comprising a server computing device having a call processing module configured to: receive a request to join a conference call between a plurality of end point devices, the request including a media stream associated with the first end point device; analyze the media stream using a matrix of authentication factors, wherein the authentication factors include a) user-specific factors comprising facial recognition attributes, audio recognition attributes, and user gesture attributes; b) environment factors comprising (i) acoustic attributes of a device used to capture audio during the call and of a room in which the first end point device is located, wherein the call processing module analyzes a waveform associated with the captured audio to determine the acoustic attributes, and (ii) lighting hues of the room in which the first end point device is located, wherein the call processing module analyzes video images in the media stream to determine the lighting hues; and c) technical factors comprising technical attributes of the end point device and technical attributes of the media stream; determine an authentication score for the first end point device based upon the media stream analysis; and determine whether to connect the first end point device to the conference call, another media resource, or another user of a network or communication system based upon the authentication score.

15. The system of claim 14 , wherein the call processing module is further configured to: determine an identity of a user of the first end point device based upon the media stream analysis; and retrieve a user profile based upon the identity of the user, the user profile including a set of permissions associated with conference call functionality.

16. The system of claim 14 , wherein the technical attributes of the first end point device include an image resolution of a camera coupled to the first end point device, a device identifier, a location, and an originating address.

17. The system of claim 14 , wherein the technical attributes of the media stream include a media format and a media quality.

18. The system of claim 14 , wherein the call processing module is further configured to: transmit the media stream associated with the first end point device to one or more other end point devices connected to the conference call; receive a validation signal from the one or more other end point devices to confirm an identity of a user of the first end point device; and add the received validation signal to the matrix of authentication factors.

19. The system of claim 14 , wherein the media stream analysis includes comparing the matrix of authentication factors for the media stream to a matrix of authentication factors for prior media streams associated with the first end point device.

20. The method of claim 19 , wherein the media stream analysis includes analyzing the matrix of authentication factors for the media stream based upon user- and/or system-specified preferences.

21. The system of claim 14 , wherein the call processing module is further configured to store the media stream analysis and authentication score for the media stream in a database.

22. The system of claim 14 , wherein the media stream analysis and authentication score determination occur periodically during the conference call.

23. The system of claim 14 , wherein the authentication score is below a predetermined threshold, the call processing module further configured to transmit a request for user credentials to the first end point device.

24. The system of claim 14 , wherein the call processing module is further configured to: deny the request to join the conference call when the authentication score is below a predetermined threshold; and disconnect the first end point device.

25. The system of claim 14 , wherein the call processing module is further configured to: allow the request to join the conference call when the authentication score is at or above a predetermined threshold; and connect the first end point device to the conference call.

26. A computer program product, tangibly embodied in a non-transitory computer readable storage device, for authenticating an end point device participating in a media-based conference call, the computer program product including instructions operable to cause a call processing module of a server computing device to: receive a request to join a conference call between a plurality of end point devices, the request including a media stream associated with the first end point device; analyze the media stream using a matrix of authentication factors, wherein the authentication factors include a) user-specific factors comprising facial recognition attributes, audio recognition attributes, and user gesture attributes; b) environment factors comprising (i) acoustic attributes of a device used to capture audio during the call and of a room in which the first end point device is located, wherein the call processing module analyzes a waveform associated with the captured audio to determine the acoustic attributes, and (ii) lighting hues of the room in which the first end point device is located, wherein the call processing module analyzes video images in the media stream to determine the lighting hues; and c) technical factors comprising technical attributes of the end point device and technical attributes of the media stream; determine an authentication score for the first end point device based upon the media stream analysis; and determine whether to connect the first end point device to the conference call, another media resource, or another user of a network or communication system based upon the authentication score.